Encryption: How it works and why it’s so important

If you’ve followed international news on business, tech or even politics lately, you’re likely to have seen the word “encryption” pop up all over the place. But while it’s often mentioned in the context of billion-dollar tech companies and superstar whistleblowers, it’s easy to forget that easy access to encryption can greatly benefit even normal web users like you and me.

The History of Encryption
From around 1500 B.C. all the way to 40 years ago, encrypting text followed pretty much the same routine. People who wanted to pass encrypted messages to one another had to use something called symmetric encryption. This meant that there was one secret code (key), which would both to turn readable messages (plaintext) into an unreadable mess (ciphertext) and back to readable form.

This system had two main problems: Firstly, all the communicating parties had to share copies of the secret key with each other. This meant either meeting to physically share the key or using a trusted courier. Secondly, keeping this communication private relied on all parties keeping the key to themselves. If multiple people used the same key, everyone’s communication would be vulnerable if just one person was careless or compromised.

Public-Key EncryptionWhen asymmetric encryption (more commonly known as public-key encryption) was invented and made public in 1976, it was a bigger deal than anyone could imagine. This system uses two keys instead of one. First there is the public key, the only purpose of which is to let the sender encrypt plaintext into ciphertext. After the message has been encrypted, nobody (not even the sender) can open the message except for the person with the private key.

A simple way to understand this is to think of a post box with two keys to it. The public key lets you put letters in the box, but not look inside. The owner of the private key is the only one who has access to the contents of the box. The two keys are mathematically linked, but it’s not possible to use the readily available public key to get the private key. I know it sounds like magic, but it’s actually just an application of modular arithmetic.

Hard to Understand, Easy to UseNow we know how encryption works, but what’s in it for the average person? You, like a lot of people, might be thinking “I have nothing to hide online, so why should I go through all the trouble of encrypting what I do?”

First of all, there really is no hassle. The process of sending and receiving encrypted messages requires insanely complex equations, but machines do it for you. For instance, messages sent via services such as Whatsapp are automatically end-to-end encrypted so that nobody else except the people involved in the chat can see them, not even the service providers themselves.

“With VPN you become this online ninja, who is coming from somewhere and going somewhere else, but they don’t know exactly who you are or where you’re from”.

Why is Encryption So Important?

The average user should consider this: is your life really the open book you might think it is? If your web history, emails and instant messages contain no information you’d wouldn’t mind sharing with the world, then I applaud you. But the fact is, most of us do have information we would like to hide (e.g. social security numbers, login credentials, bank accounts) and criminals want to steal it and profit from it. Encryption is not 100% criminal proof, but it goes a long way towards keeping others from accessing your private, personal information.

The internet has given citizens of the world unprecedented power to communicate with each other, share ideas and together make this planet a better place to be. Encryption lets us do all of these things, safely and securely.

“You might think that you have nothing to hide, but you have everything to protect”.
– Mikko Hyppönen, F-Secure CRO